Granting Sudo Access in /etc/sudoers

New Contributor
New Contributor

Unable to locate any information in the UNIX connector about handling sudo access in the /etc/sudoers file for AIX, HP-UX and RHEL.  

Currently, the process is handled manually where the SME logs onto the UNIX/Linux server and perform the job using visudo and adds two lines:

# a comment/ justification/owner
<user ID> /bin/rm, /bin/chown, /bin/chmod, /tmp/[0-9]*/

or for a group:

%<group name> All =(root) /bin/su - <group name>, /usr/bin/su <group name>, /usr/bin/su <group name>, /usr/bin/su - <group name>

Another use case is where the account is granted root access:
<user ID> ALL=(root) /bin/su -, /bin/su - root

Can this process be automated through the UNIX connector when an account is provisioned or modified?




Saviynt Employee
Saviynt Employee


We cannot manage the /etc/sudoers file directly from the Connector. You should be able to run commands to directly add users to sudo using usermod but your use case is not directly achievable .


Sahaj Ranajee
Sr. Product Specialist

New Contributor
New Contributor

Hello Sahaj:

A follow up, if I may, while dealing with this topic.

We have identified the following use cases that I need to validate:

  • For AIX target servers, are these commands not supported as well?
    • Granting an account remote login as follows:  chuser rlogin=true unsuccessful_login_count=0 expires=0 <account>
    • Password reset: pwdadm -c <account>
    • Unlock an account: chuser account_locked=false <account>
    • Reset counter: chsec -f /etc/security/lastlog -s <account>  -a unsuccessful_login_count=0 

Your help is very much appreciated.